Event postponed due to COVID-19

The Training Day

The training day consists of paid trainings held on April 1st.

The training requires an add-on ticket option that you can get from the tickets registration page. Please notice that there are a limited number of seats at each training.

The price for a training ticket add-on is 5750 SEK including MOMS.

foss-north reserves the right to cancel the trainings if the attendance is too low. The training add-on is then refunded in full. Once you buy a training add-on, it will not be refunded unless the training is cancelled by foss-north.

The following trainings are offered:


Fast track to OpenEmbedded and Yocto Project

By Chris Simmonds

If you are working with embedded Linux you will be aware that the Yocto Project is a key component for generating device firmware. This intensive one day workshop will teach you how to make effective use of OpenEmbedded and Yocto Project to create highly functional, reliable system images for your target device. It will show you how to select packages, how to customise system behaviour, and how to create your own meta layers. With the relevant information under your belt you will have your embedded Linux system up and running in no time!

The theory is backed up with hands-on labs where you will get a chance to try out all the concepts covered in the presentations. You will build a fully-functional system using a BeagleBone Black development board.


Audience and prerequisites

This workshop is ideal for software engineers who are familiar with embedded devices but need to apply that knowledge to Linux development, and to those who are familiar with Linux, but want to apply that knowledge to embedded systems

Attendees should know C/C++ pretty well, and must be familiar with Linux command-line tools such as 'find', 'grep' and 'make'

About half the workshop is dedicated to hands-on sessions. Consequently you will need to bring a laptop along with you (or destop, if you can carry it :-)). Pretty much any recent laptop be fine so long as it is at least dual core and has at least 8 GB memory. No Macintoshes, please. I will provide USB flash drives (which are yours to keep) with a copy of Ubuntu pre-installed. You just need boot your laptop from the USB drive. Please note that this means you must be able to access the BIOS boot menu at start up.

If demand for this workshop is high it may be necessary for people to team up into groups of two

Course materials

All attendees will receive:

Course duration and format

One day. The training includes lunch and a coffee break.

About the trainer

Chris Simmonds has been using Linux in embedded systems for over 15 years. He has been running training courses and workshops in embedded Linux since 2002 and has delivered hundreds of sessions to many well-known companies in the UK, Europe, USA, South America and SE Asia. He is the author of the book “Mastering Embedded Linux Programming”, and is a frequent presenter at open source and embedded conferences, including Embedded Linux Conference and Embedded World.

You can see some of his work on the "Inner Penguin" blog at www.2net.co.uk


Android Automotive Internals and Security

By Ron Munitz

In this comprehensive overview workshop, developed and taught by world class Security and OS Internals expert Ron Munitz, you will learn Android security at all possible levels, from the bootloader, through building Secure Applications, with focus on the Android Automotive Operating System. We will start by understanding what the Android Operating System is, compare it to other Automotive (and non-automotive!) Operating systems, and discuss the "interim" variant of Android Auto, and explain its uses cf. Android Automotive OS.

We will then explain hardware integration in Android, on our way to explain all the different layers of Android, concluding by comparing different Android OS products to the Android Automotive OS, laying the foundations for explaining the Android Automotive HAL's.

Once we have done that, we will have a detailed tour of the Android Security mechanism evolution, and lay the existing security mechanisms, weaknesses in existing devices, and build the security-oriented set of mind for prospective Android Automotive designs.

Upon completion of this workshop, you will be able to:

Audience and prerequisites

The training is intended for System Architects, Mobile Developers, Android Porting engineers, Integration Engineers, IT Managers, Security Personnel with Java experience, Security Researchers, Embedded (Linux, Integrity, QNX, … etc) engineers/Embedded engineers researchers tasked with Android related work in the automotive domain (but not only!)

To take this course, you must have practical software development experience, and feel comfortable about getting into new concepts and programming languages. It is helpful to either have prior programming experience in Java/Kotlin and preferably Android, or have prior experience with other Automotive operating systems such as QNX, Integrity, Linux and such. Strong understanding of Operating System architecture is also recommended. However, in the one-day workshop, we will give a comprehensive architecture overview, so newcomers will learn a lot as well.

Android development experience is recommended, but experienced Linux developers or Cybersecurity researchers new to Android would also benefit significantly from the course.

Course materials

The course slides will be provided to the attendees in a digital form.

Course duration and format

One day. The training includes lunch and a coffee break.

About the trainer

Ron Munitz, CEO of The PSCG Premium Consulting group, is a parallel entrepreneur, specialising in Operating System internals and Embedded Security. His experience ranges from esoteric real-time operating systems and all kind of Industrial devices to anything Unix/Linux flavoured, with renowned expertise on the Linux kernel, XNU Kernel and Android and MacOS ecosystems. Ron is an experienced lecturer, who has trained thousands of engineers for The PSCG, ARM and the Linux Foundation, and has initiated and led cybersecurity tracks in several universities.​

When not teaching or consulting, Ron is leading PSCG Holdings LTD, a house of excellence for entrepreneurs-researchers, active in the Aerospace, Maritime, Automotive and Mobile cybersecurity domains.

In his previous lifetimes, Ron founded Nubo Software, the first Android display protocol, brought up Linux and some RTOS's on more boards than he can remember, did all kinds of security related work ( ;-) ), and led the development of a couple of satellite launchers ( ;-) ;-) ).


Managing the risk and growth of using Open Source Software

By Jason Hammond and Rhys Arkins

Today, every company is a software company. Even companies with a core business that is not about developing software products are building software to help run their businesses. More and more, development organizations are using open source software as part of their applications in order to support their agility and efficiency goals. While the benefits of using open source software are apparent, organizations need to manage the vulnerabilities and risks associated with that use. In this session you will learn about the business impact of security vulnerabilities and license compliance issues presented to organizations that use open source software. You will also learn how Software Composition Analysis tools, such as WhiteSource Software, can help to automate and simplify the process of managing vulnerability and compliance issues throughout the Software Delivery Lifecycle (SDLC). The session will include a hands-on workshop using WhiteSource Software to scan code for open source libraries, build an inventory of these libraries, and highlight identified security vulnerabilities, the licenses associated with these libraries, and the identified risk they present.

Audience and prerequisites

The course is targeted at Application development managers and team members, security practitioners, and compliance officers.

Some familiarity with the use of open source software in software development projects, open source software security vulnerabilities and licenses, and software scanning tools and processes will be helpful, but is not required. Participants should bring their personal laptops to access cloud services used in the workshop. Laptops should be running a version of Windows with Remote Desktop Connection (RDP).

Course materials

Presentation materials. Hands-on exercise use case workbook

Course duration and format

One day. The training includes lunch and a coffee break.

Detailed agenda

9:00-09:45 Overview:

9:45- 10:00 Coffee Break

10:00 -12:00 Hands-On Exercises

12:00-13:00 Lunch

13:00 – 14:30 Hands-On Exercises continued

14:30 – 14:45 Coffee break

14:45- 16:00

About the trainers

Jason Hammond
Director of Solutions Engineering: Channels - WhiteSource Software
Jason Hammond is responsible for the technical enablement of WhiteSource's network of integration and go-to-market partners and their customers. He has more than 15 years of experience working in a variety of technical roles across the fields of information security, audit, and compliance. Jason is passionate about enabling businesses to adopt and expand the use of open source software in a secure, compliant, and scalable way.

Rhys Arkins
Director of Product Management - WhiteSource Software
Rhys Arkins is responsible for developer solutions at WhiteSource. He was the founder of Renovate Bot – an automated tool for software dependency updating, which was acquired by WhiteSource in 2019. Rhys is particularly fond of automation and a firm believer in never sending humans to do a machine’s job.